<?php /*0*/

/**
  *	This file contains a class
  *
  *	@author Vytenis Urbonavicius <vytenis.urbonavicius@myhost.lt>
  *	@package CMS
  *	@version 0.0
  */

if ( !defined( 'SECURITY' ) ) {
	die( 'Direct access to this script is not allowed!' );
}

/**
  *	This class is responsible for filtering information
  *
  *	@author Vytenis Urbonavicius <vytenis.urbonavicius@myhost.lt>
  *	@version 0.0
  */
class Filter {
	
	/**
	  *	This method applies htmlspecialchars() for each item of an object
	  *
	  * <br /><br />
	  *	Note that parameters are located in an associative array
	  *
	  *	@author Vytenis Urbonavicius <vytenis.urbonavicius@myhost.lt>
	  *	@access public
	  *	@version 0.0
	  *
	  * @static
	  *
	  * @param &object that has to be filtered
	  */
	public static function escapeInjectionHTML( &$object ) {
	
		if ( is_array( $object ) ) {
			
			foreach ( array_keys( $object ) as $key ) {
				
				if ( is_array( $object[$key] ) ) {
					Filter::escapeInjectionHTML( $object[$key] );
				} else {
					$object[$key] = htmlspecialchars( $object[$key] );
				}
				
			}
			
		} else {
			$object = htmlspecialchars( $object );
		}
		
	}
	
	/**
	  *	This method applies mysql_real_escape_string() for each item of an object
	  *
	  * <br /><br />
	  *	Note that parameters are located in an associative array
	  *
	  *	@author Vytenis Urbonavicius <vytenis.urbonavicius@myhost.lt>
	  *	@access public
	  *	@version 0.0
	  *
	  * @static
	  *
	  * @param &object that has to be filtered
	  */
	public static function escapeInjectionMySQL( &$object ) {
	
		if ( is_array( $object ) ) {
			
			foreach ( array_keys( $object ) as $key ) {
				
				if ( is_array( $object[$key] ) ) {
					Filter::escapeInjectionMySQL( $object[$key] );
				} else {
					$object[$key] = mysql_real_escape_string( $object[$key] );
				}
				
			}
			
		} else {
			$object = mysql_real_escape_string( $object );
		}
		
	}
	
	/**
	  *	This method normalises file/directory address, so that there would be no extra slashes
	  *
	  * <br /><br />
	  *	Note that parameters are located in an associative array
	  *
	  *	@author Vytenis Urbonavicius <vytenis.urbonavicius@myhost.lt>
	  *	@access public
	  *	@version 0.0
	  *
	  * @static
	  *
	  * @param array $arguments - this is an associative array <br /><br />
	  * It contains: <br />
	  * 	- address - string address to be normalised <br />
	  *		- start_slash - bool removes slash at the beginning of the address if there is one <br />
	  *
	  *	@return string/false normalised address or false on error
	  */
	public static function normaliseAddress( $arguments ) {
		
		if ( !$address = Arguments::getArgument( array( 'title' => 'address', 'argument_array' => $arguments ) ) ) {
			return false;
		}
		if ( !is_string( $address ) ) {
			return false;
		}
		
		$start_slash = Arguments::getArgument( array( 'title' => 'start_slash', 'argument_array' => $arguments ) );
		
		// Remove backslashes
		$address = str_replace( '\\', '/', $address );
		
		// Delete a slash from the beginning if there is one
		if ( $start_slash ) {
			if ( strlen( $address ) > 0 ) {
				if ( strlen( $address ) >= strlen( constant( 'ROOT_DIR' ) ) ) {
					if ( substr( $address, 0, strlen( constant( 'ROOT_DIR' ) ) ) != constant( 'ROOT_DIR' ) ) {
						if ( substr( $address, 0, 1) == '/' ) {
							$address = substr( $address, 1, strlen( $address ) - 1 );
						}
					}
				}
			}
		}
		
		// Delete a slash at the end if exists
		if ( strlen( $address ) > 0 ) {
			if ( substr( $address, strlen( $address ) - 1, 1 ) == '/' ) {
				$address = substr( $address, 0, strlen( $address ) - 1 );
			}
		}
		
		return $address;
		
	}

}

?>